‘Significant gaps’ in government’s cybersecurity services: auditor general
Global News
Auditor General Karen Hogan said the federal government must continually bolster its defences as cyberattacks become more sophisticated, pervasive and harmful.
The federal auditor general found “significant gaps” in the government’s cybersecurity services, monitoring efforts and responses to active attacks on information systems.
In a report released on Tuesday, Auditor General Karen Hogan said the federal government must continually bolster its defences as cyberattacks become more sophisticated, pervasive and harmful.
The Treasury Board of Canada Secretariat, the Communications Security Establishment and Shared Services Canada share responsibility for protecting federal information technology systems and operations.
Hogan said the organizations work together and with departments and agencies to prevent data theft and limit disruptions to systems that deliver programs and services to Canadians.
She found not all federal organizations were subject to the same security policies, resulting in the inconsistent use of available protection services.
The report said CSE officials told Hogan the inconsistent deployment of its cybersecurity defence sensors across all federal organizations created security gaps, affecting the agency’s ability to defend government networks, systems and devices.
Shared Services and the CSE also lacked a comprehensive, current inventory of government devices and assets such as laptop computers, smartphones and servers, Hogan reported.
Shared Services Canada began working on a complete list of government devices in 2017, but the project was not completed.
